about summary refs log tree commit diff
path: root/modules/nixos/endlessh-go.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixos/endlessh-go.nix')
-rw-r--r--modules/nixos/endlessh-go.nix30
1 files changed, 30 insertions, 0 deletions
diff --git a/modules/nixos/endlessh-go.nix b/modules/nixos/endlessh-go.nix
new file mode 100644
index 0000000..435305d
--- /dev/null
+++ b/modules/nixos/endlessh-go.nix
@@ -0,0 +1,30 @@
+{
+  config,
+  lib,
+  this,
+  ...
+}:
+with lib; let
+  cfg = config.nixfiles.modules.endlessh-go;
+in {
+  options.nixfiles.modules.endlessh-go.enable = mkEnableOption "endlessh-go";
+
+  config = let
+    port = 22;
+  in
+    mkIf cfg.enable {
+      services.endlessh-go = {
+        enable = true;
+        listenAddress = "0.0.0.0";
+        inherit port;
+        prometheus = {
+          enable = true;
+          listenAddress = this.wireguard.ipv4.address;
+          port = 9229;
+        };
+        extraOptions = ["-geoip_supplier=ip-api" "-v=1"];
+      };
+
+      networking.firewall.allowedTCPPorts = [port];
+    };
+}

Consider giving Nix/NixOS a try! <3